Comments on: Cross Domain Ajax using CSSHttpRequest

By: Gregory Magarshak

Gregory Magarshak — Sat, 24 Oct 2009 23:01:38 +0000

It’s interesting. I’m sure the idea was to make the code “safe”, i.e. it won’t run any javascript on your page. But it could still mess up your css.

I would suggest if you do use this technique, LOAD IT FROM ANOTHER FRAME. That way it can’t mess up the CSS.

Otherwise it seems to me to be a cool cross-domain technique. It solves the “trust the provider” problem. However it still does not solve the “authenticated user” problem. A superior solution (at least until browsers tighten security) is the cross-domain communication iframe technique.

By: John

John — Mon, 12 Oct 2009 07:08:48 +0000

I almost jizzed my pants when I saw this but then saw that it is only limited to .get()

if only POST is supported.

By: Kim Steinhaug

Kim Steinhaug — Wed, 07 Oct 2009 01:42:31 +0000

Hmm, as proof of conecpt it is nice however what is better is to create a simple proxyserver. Not many lines of code needed, and you do not need to do much different either…

By: Nate

Nate — Mon, 05 Oct 2009 21:31:10 +0000

don’t do it!

By: Scott Radcliff

Scott Radcliff — Mon, 05 Oct 2009 19:37:07 +0000

I have to say I agree with the others. I see no point. This seems to be a classic case of reinventing the wheel, and even then I can’t think of a case where I would need it.

Do you have any examples of useful cases where this has been used?

By: mrLami

mrLami — Mon, 05 Oct 2009 14:11:42 +0000

Singing along with the choir…

Whats the use or point of this again?

By: sander

sander — Mon, 05 Oct 2009 09:42:28 +0000

how semantic

By: Staxx

Staxx — Mon, 05 Oct 2009 09:25:22 +0000

Bah! What a truly nasty way of cross domain ajax. This is not the way!